Noteworthy presentations at HITBSecConf2007

HITBSecConf2007 is taking place between September 3rd and 6th 2007 in Kuala Lumpur.

Here’s a list of interesting presentations:

Injecting RDS-TMC Traffic Information Signals – How to Freak Out Your Sat Nav System
RDS-TMC is a standard based on RDS (Radio Data System) for communicating over FM radio Traffic Information for Satellite Navigation Systems. All modern in-car Satellite Navigation systems sold in Europe use RDS-TMC to receive broadcasts containing up-to-date information about traffic conditions such as queues and accidents and provide suggested detours in case they affect the plotted course. In this presentation, the audience will be introduced to RDS/RDS-TMC concepts and protocols. In addition, we will show how you can decode/encode such messages using a standard PC and cheap home-made electronics with the intent of injecting information in the broadcast RDS-TMC stream to manipulate the information displayed by the satellite navigator.

Hacking SCADA: How to 0wn Critical National Infrastructure
This talk will introduce the audience to SCADA environments and their totally different security approaches, outlining the main key differences with typical IT Security best practices. We will analyze a lot of real world case studies related to Industry, Energy and other fields. We will describe the most common security mistakes and some of the dire consequences of such mistakes to a production environment. In addition, attendees will be shown a video of real SCADA machines reacting to these attacks in the most “interesting” of ways!

Attacking Cisco Network Admission Control – NAC@ACK
The last two years have seen a big new marketing-buzz named “Admission Control” or “Endpoint Compliance Enforcement” and most major network and security players have developed a product-suite to secure their share of the cake. While the market is still evolving one framework has been getting a lot of market-attention: “Cisco Network Admission Control”. NAC is a pivotal part of Cisco’s “Self Defending Network” strategy and supported on the complete range of Cisco network- and security-products. From a security point of view “NAC” is a very interesting emerging technology which deserves some scrutiny. The Cisco NAC solution contains two major design-flaws which enable us to hack (at least) two of the three different variants using some kind of “posture spoofing attack”. We will demonstrate code & tool for posture spoofing in Cisco NAC secured networks.

A video where the authors talk about this presentation for Help Net Security can be watched here.

Hacking Biometric Systems
Today biometric systems are becoming mainstream. They can be found everywhere – in mobile phones, computers, ATMs, even in passports. Apart from facial recognition systems and barely used systems like iris and vein scanners, fingerprint readers are built into most biometric products. Contrary to the assurance of the manufacturers, nearly every system is still very easy to hack. This talk will show the different techniques of hacking biometric systems from the attack on the communications (with an ARM-driven replay attacking device) and the stored reference data to the direct hack of the sensor itself. Making a dummy fingerprint from a picture of a fingerprint stored onto a passport for example is the masterpiece of hacking biometric systems, because you always have access to the sensor and it’s very hard to find proper countermeasures.

An End-to-End Analysis of Securing Networked CCTV Systems
This session will look at every component of a Wireless Camera and PTZ Camera (Pan, Tilt, Zoom) on a networked CCTV System from end to end. This includes all hardware (includes middleware, as well as the chips), software and protocols that can be considered as components of the overall system. The talk will identify similarities and differences with components used in other embedded devices and their existing vulnerabilities on some part of the end-to-end CCTV system. The talk will give sample setups that are recommended by various manufacturers, and those that are used, identifying weak points. The talk will also cover some of the human aspects of the systems, and where manufacturers of hardware and software are taking Law Enforcement with their technology.

Hacking the Bluetooth Stack for Fun, Fame and Profit
Enhancements in cellular technology and mobile computing in recent years have led to the availability of affordable and powerful mobile devices. Where before cellular phones were relegated only to the business class and other members of the upper-echelon of society, today they are deemed a necessity and have become so cheap in comparison to phones of years past that almost anybody can own one. One of these enhancements is definitely the Bluetooth specification, which allows for the creation of short range wireless personal area networks. In recent years however, it has come to light that various flaws exist in certain Bluetooth implementations.